To whom it may concern,

I found what seems to be a bug in a program called webevent 
(www.webevent.com). Webevent is a calander program that allows multiple 
users to post to, and read the calander. The bug comes in from the fact that 
you still have access to the perl file that is run when the administrator 
runs the program for the first time. Once you run this perl file, it asks 
you to enter in the admin info, e.g name, email, and....password. I've 
tested version  we3.3.3, i found this version running at www.eosmith.org 
(you can access firsttime at 
www.eosmith.org/scripts/we3.3.3/webevent.pl?cmd=firsttime (this is used to 
change the admin info and pass) and 
www.eosmith.org/scripts/we3.3.3/webevent.pl?cmd=login to login.  Perhaps 
earlier versions have the same problem. One way around this is to simply 
delete the firsttime.pl file after you configure webevent. I also wonder if 
this is a problem with whether you are using the .cgi extension or .pl 
extension....also, since you have access to write events once you get admin, 
i am looking into how you write to the server when you create and 
submitevents.
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.